Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x up to and including 6.0.2 allows user-assisted remote malicious users to inject arbitrary web script or HTML via a crafted URL containing text that is used within a modal popup.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dotnetnuke dotnetnuke 6.0.0 |
||
dotnetnuke dotnetnuke 6.0.1 |
||
dotnetnuke dotnetnuke 6.0.2 |